惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Schneier on Security
F
Fortinet All Blogs
B
Blog
GbyAI
GbyAI
P
Proofpoint News Feed
量子位
The Register - Security
The Register - Security
宝玉的分享
宝玉的分享
大猫的无限游戏
大猫的无限游戏
云风的 BLOG
云风的 BLOG
V
Visual Studio Blog
B
Blog RSS Feed
WordPress大学
WordPress大学
Recorded Future
Recorded Future
Recent Announcements
Recent Announcements
V
Vulnerabilities – Threatpost
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Secure Thoughts
雷峰网
雷峰网
Stack Overflow Blog
Stack Overflow Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Webroot Blog
Webroot Blog
AWS News Blog
AWS News Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The GitHub Blog
The GitHub Blog
爱范儿
爱范儿
O
OpenAI News
月光博客
月光博客
H
Hacker News: Front Page
S
Security Affairs
W
WeLiveSecurity
The Hacker News
The Hacker News
aimingoo的专栏
aimingoo的专栏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Help Net Security
Help Net Security
MongoDB | Blog
MongoDB | Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
D
Docker
T
The Blog of Author Tim Ferriss
Spread Privacy
Spread Privacy
Blog — PlanetScale
Blog — PlanetScale
J
Java Code Geeks
S
Securelist
Microsoft Azure Blog
Microsoft Azure Blog
TaoSecurity Blog
TaoSecurity Blog
T
Threat Research - Cisco Blogs
M
MIT News - Artificial intelligence
A
About on SuperTechFans

Cisco Talos Blog

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities [Video] Where protection starts: Cisco Talos Intelligence Integrations The serpent’s tongue: Luring the Python out of its den WolfSSL, GeoVision, VTK vulnerabilities Winning 54% of the time UAT-7810 continues building ORB networks using new malware Catan and Mouse Martin Lee: Running through the Arctic (and the threat landscape) ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365 Beyond IOCs: AI-enabled threat intelligence Introduction to COM usage by Windows threats Close Encounters of the Human Kind Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model A tale of two eras Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities Reporting from Vegas: Networking, AI, and good boys Winning the cyber marathon with Tony Giandomenico Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting Less panic patching, more precision DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap MediaArea heap-based buffer overflow vulnerabilities Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake The art of being ungovernable TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat The time of much patching is coming Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities State-sponsored actors, better known as the friends you don’t want Unplug your way to better code Insights into the clustering and reuse of phone numbers in scam emails UAT-8302 and its box full of malware
Breaking things to keep them safe with Philippe Laulheret
Amy Ciminnisi · 2026-05-13 · via Cisco Talos Blog

In the latest Humans of Talos, Amy sits down with Senior Vulnerability Researcher Philippe Laulheret to demystify the world of ethical hacking. Philippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzles helps him uncover critical security flaws before they can be exploited.

From his memorable experiment using a green onion to bypass a biometric fingerprint reader to his perspective on the reality of cybersecurity versus what we see in the movies, Philippe provides a fascinating look at the work that keeps our digital world safe.

Amy Ciminnisi: So, can you talk to me a little bit about what you do in vulnerability research?

Philippe Laulheret: I work in vulnerability research. Basically, my job is to find vulnerabilities in software, hardware, or things physically. It’s an interesting position because I usually get to choose which target I want to look at, which confuses people usually, because usually it’s a consulting role, or someone asks you to do that. But for us, we find vulnerabilities in things that we think are important. And then this way, people in different teams can write detection rules, and our customers are protected.

AC: I love that you get to kind of pick a niche and explore. How did you get into this?

PL: My deepest interest was more in reverse engineering, which is understanding how things work, software in particular. Throughout my whole life, I was really curious and really wanted to understand stuff. I guess research is an extension of that where you need to understand how the system works, and then it’s a puzzle where you need to find a way to break it. In my teenage years, I was really interested in that. I started playing Capture The Flag, which are challenges where people design exercises where there is a bug to find and exploit. It was really fun. I was doing that to stay sharp with my skills, and eventually, I was able to transition from regular development work to actual research. All those years of playing CTF really helped, even if it wasn't professional.

AC: Did you go to school initially for development work? What kind of career path led you here?

PL: Originally, as you can hear, I have a French accent. In France, we have engineering schools, which are fancy grad schools. The process is first you study very hard in math and physics, and then you go to grad school. At that time, I was convinced I wanted to do security, and I joined an electrical and computer engineering school. Somehow, in that school, I discovered an interest for different aspects of software development. I was getting interested in computer vision and other things. When I moved to the U.S. for development work instead of security work, I worked in a design studio for four years, which was really fun. I was making interactive installations. But as I said, I was playing CTF on the side to keep security pretty high in my head. Eventually, I moved to New York and joined a cybersecurity startup, and finally, I moved back to the Pacific Northwest, where I’m currently living, and I was finally able to do vulnerability research the way I wanted to.


Want to see more? Watch the full interview, and don’t forget to subscribe to our YouTube channel for future episodes of Humans of Talos.